Monitoring AWS IoT

Monitoring is an important part of maintaining the reliability, availability, and
performance of AWS IoT and your AWS solutions. You should collect monitoring data
from all parts of your AWS solution so that you can more easily debug a multi-point
failure if one occurs. Before you start monitoring AWS IoT, you should create a
monitoring plan that includes answers to the following questions:

What are your monitoring goals?

Which resources will you monitor?

How often will you monitor these resources?

Which monitoring tools will you use?

Who will perform the monitoring tasks?

Who should be notified when something goes wrong?

The next step is to establish a baseline for normal AWS IoT performance in your
environment, by measuring performance at various times and under different load conditions.
As you monitor AWS IoT, store historical monitoring data so that you can compare it
with current performance data, identify normal performance patterns and performance
anomalies, and devise methods to address issues.

For example, if you're using Amazon EC2, you can monitor CPU utilization, disk I/O,
and network utilization for your instances. When performance falls outside your
established baseline, you might need to reconfigure or optimize the instance to
reduce CPU utilization, improve disk I/O, or reduce network traffic.

To establish a baseline you should, at a minimum, monitor the following items:

Logging AWS IoT API Calls with AWS CloudTrail

AWS IoT is integrated with CloudTrail, a service that captures all of the
AWS IoT API calls and delivers the log files to an Amazon S3 bucket that you specify.
CloudTrail captures API calls from the AWS IoT console or from your code to the
AWS IoT APIs. Using the information collected by CloudTrail, you can determine the
request that was made to AWS IoT, the source IP address from which the request was
made, who made the request, when it was made, and so on.

AWS IoT Information in CloudTrail

When CloudTrail logging is enabled in your AWS account, most API calls made to AWS
IoT actions are tracked in CloudTrail log files, where they are written with other
AWS service records. CloudTrail determines when to create and write to a new file
based on a time period and file size.

You can store your log files in your Amazon S3 bucket for as long as you want, but
you can also define Amazon S3 lifecycle rules to archive or delete log files
automatically. By default, your log files are encrypted with Amazon S3 server-side
encryption (SSE).

Understanding AWS IoT Log File Entries

CloudTrail log files can contain one or more log entries. Each entry lists multiple
JSON-formatted events. A log entry represents a single request from any source and
includes information about the requested action, the date and time of the action,
request parameters, and so on. Log entries are not an ordered stack trace of the
public API calls, so they do not appear in any specific order.

The following example shows a CloudTrail log entry that demonstrates the
AttachPolicy action.
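The following script is an added example, not part of the AWS documentation, showing how the log entries described above can be read in practice and how the historical data called for in the baseline section can be summarised per caller. It decompresses one CloudTrail log file (a gzipped JSON object with a top-level "Records" array), keeps only the records whose eventSource is iot.amazonaws.com, sorts them by eventTime because entries in a file carry no order, and separates out the AWS IoT policy-changing actions such as AttachPolicy. The field names follow the CloudTrail record format; every value in SAMPLE_RECORDS (account id, ARNs, IP addresses, policy name, timestamps) is constructed for this example.

```python
"""Read a CloudTrail log file and pull out the AWS IoT API calls in it.

Added example; not from the AWS documentation. The record layout follows the
CloudTrail record format, but every value in SAMPLE_RECORDS is constructed.
"""
import gzip
import json
from collections import Counter
from datetime import datetime, timezone

# Constructed sample of what one CloudTrail file contains: a JSON object with a
# "Records" array. The entries are deliberately out of time order.
SAMPLE_RECORDS = {
    "Records": [
        {
            "eventVersion": "1.08",
            "userIdentity": {"type": "IAMUser", "userName": "iot-admin",
                             "arn": "arn:aws:iam::111122223333:user/iot-admin"},
            "eventTime": "2024-05-01T10:15:09Z",
            "eventSource": "iot.amazonaws.com",
            "eventName": "AttachPolicy",
            "awsRegion": "us-east-1",
            "sourceIPAddress": "203.0.113.10",
            "requestParameters": {
                "policyName": "ExamplePolicy",
                "target": "arn:aws:iot:us-east-1:111122223333:cert/abc123",
            },
        },
        {
            "eventVersion": "1.08",
            "userIdentity": {"type": "IAMUser", "userName": "iot-admin",
                             "arn": "arn:aws:iam::111122223333:user/iot-admin"},
            "eventTime": "2024-05-01T10:15:02Z",
            "eventSource": "iot.amazonaws.com",
            "eventName": "DescribeEndpoint",
            "awsRegion": "us-east-1",
            "sourceIPAddress": "203.0.113.10",
            "requestParameters": {"endpointType": "iot:Data-ATS"},
        },
        {   # record from another service; the IoT filter must skip it
            "eventVersion": "1.08",
            "userIdentity": {"type": "IAMUser", "userName": "backup-job",
                             "arn": "arn:aws:iam::111122223333:user/backup-job"},
            "eventTime": "2024-05-01T10:15:05Z",
            "eventSource": "s3.amazonaws.com",
            "eventName": "GetObject",
            "awsRegion": "us-east-1",
            "sourceIPAddress": "203.0.113.11",
            "requestParameters": {"bucketName": "example-bucket", "key": "a.txt"},
        },
    ]
}

# AWS IoT actions that change what a policy allows or which principal it is
# attached to; the ones a reviewer of an IoT trail wants surfaced first.
POLICY_ACTIONS = {"AttachPolicy", "DetachPolicy", "CreatePolicy",
                  "CreatePolicyVersion", "SetDefaultPolicyVersion",
                  "DeletePolicy"}


def sample_file_bytes() -> bytes:
    """Produce gzipped bytes shaped like the file CloudTrail writes to S3."""
    return gzip.compress(json.dumps(SAMPLE_RECORDS).encode("utf-8"))


def load_records(gz_bytes: bytes) -> list:
    """Decompress one CloudTrail log file and return its Records array."""
    return json.loads(gzip.decompress(gz_bytes).decode("utf-8"))["Records"]


def _parse_time(stamp: str) -> datetime:
    """CloudTrail eventTime values are UTC in ISO 8601 form with a Z suffix."""
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def iot_events(records: list) -> list:
    """Keep only AWS IoT API calls, normalise the fields a reviewer needs
    (who, from where, what, when), and sort by time."""
    events = []
    for rec in records:
        if rec.get("eventSource") != "iot.amazonaws.com":
            continue
        events.append({
            "time": _parse_time(rec["eventTime"]),
            "actor": rec.get("userIdentity", {}).get("arn", "<unknown>"),
            "source_ip": rec.get("sourceIPAddress", "<unknown>"),
            "action": rec["eventName"],
            "params": rec.get("requestParameters") or {},
        })
    events.sort(key=lambda e: e["time"])
    return events


def policy_changes(events: list) -> list:
    """Return the events that modified AWS IoT policies or their attachments."""
    return [e for e in events if e["action"] in POLICY_ACTIONS]


def actions_by_actor(events: list) -> Counter:
    """Count (actor, action) pairs: the shape of a per-caller baseline that
    can be stored and compared against later files."""
    return Counter((e["actor"], e["action"]) for e in events)


if __name__ == "__main__":
    evs = iot_events(load_records(sample_file_bytes()))
    for e in evs:
        print(e["time"].isoformat(), e["actor"], e["source_ip"], e["action"])
    for e in policy_changes(evs):
        print("policy change:", e["action"], e["params"])
```

To run this against a real trail, replace `sample_file_bytes()` with the bytes of a file fetched from the S3 bucket CloudTrail delivers to; the rest of the pipeline is unchanged. Persisting the `actions_by_actor` counters per day gives the historical record the baseline section asks for, so that a caller suddenly issuing AttachPolicy calls it never made before stands out against its own history.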